Don't celebrate yet. While this is a perfectly sensible and technically accurate ruling, you know damn well that if the "wrong people" keep winning too many of these engagements the industry will just buy off - sorry... "lobby" - a few extra politicians and ram legislation through that makes a subscriber financially liable for all infringement on their subscribed service regardless of who actually commits the infringement.

Never underestimate the power of entrenched wealth and legalized political corruption. These asshats have way too much to lose to let common sense and basic fairness under the law stop them. Especially since working harder and producing a better product is certainly out of the question.

Dynamic IP is the least of the problems. With IP4 address depletion there are NATs out there with thousands of end users behind them. You could be working at an office with hundreds of co-workers and if one idiot like the boss' nephew embezzles money or downloads kiddie pr0n the "IP=ID" means the cops can bust just about anyone they want and the trial would be just a formality.

Freedom dodged on hell of a bullet with this ruling, but unfortunately it's just one round out of a very long belt.

skozlaw:Don't celebrate yet. While this is a perfectly sensible and technically accurate ruling, you know damn well that if the "wrong people" keep winning too many of these engagements the industry will just buy off - sorry... "lobby" - a few extra politicians and ram legislation through that makes a subscriber financially liable for all infringement on their subscribed service regardless of who actually commits the infringement.

Never underestimate the power of entrenched wealth and legalized political corruption. These asshats have way too much to lose to let common sense and basic fairness under the law stop them. Especially since working harder and producing a better product is certainly out of the question.

dragonchild:You could be working at an office with hundreds of co-workers and if one idiot like the boss' nephew embezzles money or downloads kiddie pr0n the "IP=ID" means the cops can bust just about anyone they want and the trial would be just a formality.

Only if that office has a network managed by complete morons. If the cops came in today and said to me that somebody from our office was doing that and they needed to know who it would take me all of 15 minutes to provide that information because we have logs of all basic network activity going back 180 days. And that's assuming the culprit was smart enough to dodge the web filter so I couldn't just look it up in that.

That said, it's rarely the cops asking me for that type of info. It's usually HR.

skozlaw:Only if that office has a network managed by complete morons. If the cops came in today and said to me that somebody from our office was doing that and they needed to know who it would take me all of 15 minutes to provide that information because we have logs of all basic network activity going back 180 days. And that's assuming the culprit was smart enough to dodge the web filter so I couldn't just look it up in that.

I think you have a very inaccurate idea of how law enforcement operates.

Dynamic IP is the least of the problems. With IP4 address depletion there are NATs out there with thousands of end users behind them. You could be working at an office with hundreds of co-workers and if one idiot like the boss' nephew embezzles money or downloads kiddie pr0n the "IP=ID" means the cops can bust just about anyone they want and the trial would be just a formality.

Freedom dodged on hell of a bullet with this ruling, but unfortunately it's just one round out of a very long belt.

You realize there's a HUGE difference between the burdens of proof in civil and criminal litigation? For a criminal investigation you have to prove beyond a reasonable doubt while civil is you just have to prove it's likely. So the nephew embezzling will have to be identified by other criteria while the the lawsuit for downloading Back Door Ladies 14 will be hit or miss.

voodoohotdog:skozlaw: Don't celebrate yet. While this is a perfectly sensible and technically accurate ruling, you know damn well that if the "wrong people" keep winning too many of these engagements the industry will just buy off - sorry... "lobby" - a few extra politicians and ram legislation through that makes a subscriber financially liable for all infringement on their subscribed service regardless of who actually commits the infringement.

Never underestimate the power of entrenched wealth and legalized political corruption. These asshats have way too much to lose to let common sense and basic fairness under the law stop them. Especially since working harder and producing a better product is certainly out of the question.

dragonchild:I think you have a very inaccurate idea of how law enforcement operates.

So your theory is they're going to kick down the door, bust in and randomly pick some schmuck to throw in front of the DA with virtually no evidence when the alternative is to pass a bit of work off on somebody else while building a virtually airtight case?

No, I don't think I'm the one who's confused here. There's no downside, it's no extra effort for them and it pretty much seals the case. There's no way they're not going to the company first and telling them "drop what you're doing and quietly give me this info, here's a court order now do it".

Good. Even if you setup a password on your wifi network, with the time, inclination and proper software will be able to crack it. And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.

MadMattressMack:You realize there's a HUGE difference between the burdens of proof in civil and criminal litigation? For a criminal investigation you have to prove beyond a reasonable doubt while civil is you just have to prove it's likely.

skozlaw:So your theory is they're going to kick down the door, bust in and randomly pick some schmuck to throw in front of the DA with virtually no evidence when the alternative is to pass a bit of work off on somebody else while building a virtually airtight case?

Calm down and pay attention. That's why this ruling is so important. If IP=ID ever becomes a thing, then the prosecution gets a free slam dunk because the IP is the evidence beyond a reasonable doubt. And with that kind of leverage they'll bust who they want, not who did it per se, because the objective is a successful prosecution, not actual justice. The reason to go through the logs would be to establish a case but IP=ID eliminates all that tedious work.

The confusion here isn't what's actual proof but the legal definition of proof. What's legal and what's just are two very different things, though I consider it very lucky that they coincide for today and IP=ID was struck down, at least for a day.

If someone gets in an accident while driving my car, it is his insurance that covers PL&PD , not mine.If someone drives my car through a tollbooth and does not pay, they do not send me any correspondence.If someone driving my car acts illegally, they must find him to issue the ticket.

Here's a list if you want to play with more characters (not equal is on the math page). We need to have cooler characters like Þ and Ü and æ in english

I have to use special characters all the time at work (publishing with a global consumer/advertiser base) but I had never seen an alt code for the does not equal. I just used the & # 8800 without spaces. I tried a few other altcodes but they pulled up different characters.

/Always makes me nervous when judges are making decisions on technology they don't understand.

Except the technology can allow you to, well it would at least tell you which residence it came from. At that point the owner of the residence doesn't have safe harbor priviledge and becomes responsible for anything happening behind the router.

CapeFearCadaver:I have to use special characters all the time at work (publishing with a global consumer/advertiser base) but I had never seen an alt code for the does not equal. I just used the & # 8800 without spaces. I tried a few other altcodes but they pulled up different characters.

You can enter in four digit unicode using the same method. ☼ is Alt-9999, for example.

dragonchild:If IP=ID ever becomes a thing, then the prosecution gets a free slam dunk because the IP is the evidence beyond a reasonable doubt. And with that kind of leverage they'll bust who they want, not who did it per se, because the objective is a successful prosecution, not actual justice. The reason to go through the logs would be to establish a case but IP=ID eliminates all that tedious work.

I don't think you know what you're talking about. In your example, you're talking about the IP of a device that has a default outbound route for sources and destinations without NAT rules. In a company of a thousand people, that's just a device their traffic passes through. Fundamentally no different in this example than any of the switches or cables it passes through before getting there. You could just as easily go upstream one server and say "aha! The offending traffic passed through this regional gateway so we'll pick a random person out of the 450,000 it serves and blame him!" and it would make as much sense as your example.

You can't just arbitrarily pick one person out of a thousand and throw them in front of the DA. You'd be drummed off the job and writing traffic tickets by the next morning for wasting people's time like that. Even if this ruling had gone 180 degrees in the other direction that still wouldn't make even the remotest bit of legal sense. Especially when the judge asked "well, what did you find on his computer" and the response was "a bunch of Fark links and some brony images, your honor". "No porn"? "uhh.. no".

dragonchild:skozlaw: Only if that office has a network managed by complete morons. If the cops came in today and said to me that somebody from our office was doing that and they needed to know who it would take me all of 15 minutes to provide that information because we have logs of all basic network activity going back 180 days. And that's assuming the culprit was smart enough to dodge the web filter so I couldn't just look it up in that.

I think you have a very inaccurate idea of how law enforcement operates.

I was about to say 180 days? He's very optimistic of the speed of the system. I got subpoena for web traffic and emails from 3 years prior at my old job, because some dude was violating his restraining order by contacting his ex-wife using work systems. Oh yeah let me get that for you, it's right here in /dev/null.

DoBeDoBeDo:I was about to say 180 days? He's very optimistic of the speed of the system. I got subpoena for web traffic and emails from 3 years prior at my old job, because some dude was violating his restraining order by contacting his ex-wife using work systems. Oh yeah let me get that for you, it's right here in /dev/null.

That's their problem. I don't remember exactly, but I think when we set it all up our lawyers indicated we were really only obligated to keep 30 days.

skozlaw:DoBeDoBeDo: I was about to say 180 days? He's very optimistic of the speed of the system. I got subpoena for web traffic and emails from 3 years prior at my old job, because some dude was violating his restraining order by contacting his ex-wife using work systems. Oh yeah let me get that for you, it's right here in /dev/null.

That's their problem. I don't remember exactly, but I think when we set it all up our lawyers indicated we were really only obligated to keep 30 days.

Oh I didn't say it wasn't their problem. I'm just saying that your response of having 180 days doesn't really mean much in cases like this. They won't show up on your door for probably a year after all the legal wrangling takes place.

Hell PCI-DSS requires logs for 90 days even though the typical breach takes place 200+ days prior to being discovered according to the latest Verizon Data Breach report.

So if someone goes in and out, there will be 0 logs at most organizations by the time someone realizes they were breached, IF they realize it.

If you disassemble malware, you tend to find unique issues. Sometimes when you google those things, you might find one hit. If you chase that, you end up with a page describing something about the same malware except that the page has nice javascript that will try to download illegal stuff from an eastern European web server. Some "law enforcement" group there will notice your deviant acts and then send a fax or email to the police in your local town. They have been known to send it to the local press "by accident" too.

DoBeDoBeDo:Hell PCI-DSS requires logs for 90 days even though the typical breach takes place 200+ days prior to being discovered according to the latest Verizon Data Breach report.

That must be what the goal was, 90 and we doubled it so HR could have a trail for its own nefarious purposes.

That said, bear in mind that the cops can also get court orders while they're still investigating that obligate you to hold records indefinitely if they know they'll need something, but don't know exactly what they'll need just yet.

skozlaw:I don't think you know what you're talking about. In your example, you're talking about the IP of a device that has a default outbound route for sources and destinations without NAT rules. In a company of a thousand people, that's just a device their traffic passes through.

This is the same legal system that decided a company with a monopoly on the consumer OS market wasn't being anti-competitive by bundling its software on said OS. Does it defy logic? Sure. Yeah, logic is such an awesome ally when you're in a courtroom, especially when you're in front of a judge who still has a secretary print out e-mails. FFS we have a Drug War where cops can basically arrest cash and prosecutors can open cases against material objects so you really think this makes a difference in the long run?

It's not that I don't know what I'm talking about; it's that your incredulity is preventing you from anticipating the pants-on-head derpy behavior of people who really don't know what they're talking about. A great many of whom influence rulings on court cases. Also, you're taking this way too personally. I'm not saying you're stupid; I'm saying you're unable to think like someone stupid.

Granted, IP=ID was struck down, yay. But notice how few people here are relaxed about it. Your neckbeard is really showing here in a complete inability to wrap your head around the human side of the equation in favor of embracing your own confident understanding of the technology. I'm gonna go out on a limb here and guess you're not a lawyer.

Sooner or later IP=ID might cross the desk of a corrupt judge or, far more terrifying, a very old and stupid one. And when that happens, yes, you really will get arguments this asinine. I mean, yeesh, the telcos routinely make ridiculously hypocritical and irrational arguments in court hoping the judges are too stupid to understand the underlying technical concepts so I really wouldn't sit back and rest assured that logic will prevail in the long run. They pay their lawyers a lot; they wouldn't waste their time bringing in arguments anyone with an even basic understanding of IT would instantly recognize as fundamentally flawed if they didn't like their chances that they'll eventually get a judge that's dumb enough to buy it. As for IP=ID, a prosecutor wouldn't defend an idea so broad and dangerous if they didn't intend to abuse the hell out of it, and given their affinity for other overly broad laws it's a sucker's bet they wouldn't have fun with this one.

dragonchild:It's not that I don't know what I'm talking about; it's that your incredulity is preventing you from anticipating the pants-on-head derpy behavior of people who really don't know what they're talking about.

There may have been a time when that was true, but at this point law enforcement and the legal system are so used to getting a court order to make somebody else dig through logs for their evidence that I find it very, very, very hard to believe that anything but the most podunk sheriff's office is going to put a case in front of a DA without performing at least that basic step in a scenario like that. You don't really need to know how default routes and NAT rules work, you just need to know that you can toss the work off on somebody else by getting an easy court order, and I seriously doubt they're not going to do that in the vast majority of cases involving computer crime inside an organization these days.

Hell, even our hick police force managed to nail a kiddie porn downloader a while back even though the guy formatted his drive. They sent it off to the state police who, naturally, immediately recovered all the evidence and handed it right back.

I don't think at this point law enforcement is as technically unsophisticated as you believe them to be. The courts are still lagging, but I think law enforcement, as a rule, has embraced technology to a great extent and most police forces staff or have access to people who know what they're doing and where to look for evidence in computer crime cases.